Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # -*- coding: utf-8 -*-
- # shodan.io login by mrkx
- # you may change the code make it into cracker
- #
- #
- import requests,urllib2,subprocess
- account_link = 'https://account.shodan.io'
- login_path = '/login'
- home_link = "https://www.shodan.io/"
- username = ""
- password = ""
- s = requests.Session()
- headers = {
- 'Host':'account.shodan.io',
- 'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8',
- 'Accept-Encoding': 'gzip, deflate',
- 'Accept-Language': 'en-US,en;q=0.9',
- 'Dnt': '1',
- 'Upgrade-Insecure-Requests': '1',
- 'User-Agent': 'Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 OPR/54.0.2952.54'
- }
- a = s.get(account_link+login_path,headers=headers)
- header_1 = a.headers
- data = a.text.split("\n") #.encode('utf-8').decode('zlib_codec','strict')
- csrf_token = ""
- for i in data:
- if 'name="csrf_token"' in i:
- csrf_token= i.replace('<input type="hidden" name="csrf_token" value="','').replace('" />','')
- gcookie = header_1['Set-Cookie'].split(" ")
- cookie_jar = {}
- for i in gcookie:
- if "__cfduid=" in i:
- cookie_jar["__cfduid="] = i.replace(";","")
- elif "session=" in i:
- cookie_jar["session="] = i.replace(";","")
- login_form_data = 'username=%s&password=%s'%(username,password)+'&grant_type=password&continue=https%3A%2F%2Fwww.shodan.io%2F&csrf_token='+csrf_token+'&login_submit=Login'
- login_headers = {
- 'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8',
- 'Accept-Encoding': 'gzip, deflate',
- 'Accept-Language': 'en-US,en;q=0.9',
- 'Cache-Control': 'max-age=0',
- 'Content-Length': '%s'%(len(login_form_data)),
- 'Content-Type': 'application/x-www-form-urlencoded',
- 'Cookie': '%s; %s'%(cookie_jar["__cfduid="],cookie_jar["session="]),
- 'Dnt': '1',
- 'Origin': 'https://account.shodan.io',
- 'Referer': 'https://account.shodan.io/login',
- 'Upgrade-Insecure-Requests': '1',
- 'User-Agent': 'Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 OPR/54.0.2952.54'
- }
- a = s.post(account_link+login_path,headers=login_headers,data=login_form_data)
- print a.headers
- data_login1= a.text
- if "api-key-content" in data_login1:
- print "[*] login as: %s"%(username)
- for i in data_login1.split("\n"):
- if '<li id="api-key-content" style="display:none">' in i:
- print "[*] %s"%(i.replace('<li id="api-key-content" style="display:none">','').replace('</li>',''))
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement